package com.demo.security.cloud.servicecenter.controller;

import com.alibaba.fastjson.JSON;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@Slf4j
@RestController
public class OrderController {

	@GetMapping(value = "/hello", produces = "text/plain;charset=utf-8")
	public String hello() {
		return "hello jwt order";
	}

	@GetMapping(value = "/r/r1")
	@PreAuthorize("#oauth2.hasScope('ROLE_API') and hasAnyAuthority('p1')")
	public String r1(){
		// 不通过网关转发的请求，直接使用token，可以进入
		// 而且，scope就是数据库中客户端配置表字段scope
		// 权限就是数据库中自定义用户表的authority字段
		// 原因是重新在SecurityContextHolder中设置Authentication的类型不对，应该传入OAuth2Authentication
		Object authentication = SecurityContextHolder.getContext().getAuthentication();
		System.out.println(JSON.toJSONString(authentication));
		log.info(JSON.toJSONString(authentication));
		if (authentication instanceof OAuth2Authentication){
			log.info("getOAuth2Request>>>>" + JSON.toJSONString(((OAuth2Authentication) authentication).getOAuth2Request()));
			log.info("getUserAuthentication>>>>" + JSON.toJSONString(((OAuth2Authentication) authentication).getUserAuthentication()));
		}
		return "resource: r1";
	}

	@GetMapping(value = "/r/r2")
	@PreAuthorize("#oauth2.hasScope('ROLE_API') and hasAnyAuthority('p2')")
	public String r2(){
		Object authentication = SecurityContextHolder.getContext().getAuthentication();
		System.out.println(JSON.toJSONString(authentication));
		log.info(JSON.toJSONString(authentication));
		if (authentication instanceof OAuth2Authentication){
			log.info("getOAuth2Request>>>>" + JSON.toJSONString(((OAuth2Authentication) authentication).getOAuth2Request()));
			log.info("getUserAuthentication>>>>" + JSON.toJSONString(((OAuth2Authentication) authentication).getUserAuthentication()));
		}
		return "resource: r2";
	}

	@GetMapping(value = "/r/r3")
	@PreAuthorize("#oauth2.hasAnyScope('ROLE_API')")
	public String r3(){
		Object authentication = SecurityContextHolder.getContext().getAuthentication();
		System.out.println(JSON.toJSONString(authentication));
		log.info(JSON.toJSONString(authentication));
		if (authentication instanceof OAuth2Authentication){
			log.info("getOAuth2Request>>>>" + JSON.toJSONString(((OAuth2Authentication) authentication).getOAuth2Request()));
			log.info("getUserAuthentication>>>>" + JSON.toJSONString(((OAuth2Authentication) authentication).getUserAuthentication()));
		}
		return "resource: r3";
	}

	@GetMapping(value = "/r/r4")
	@PreAuthorize("#hasAnyAuthority('p1')")
	public String r4(){
		Object authentication = SecurityContextHolder.getContext().getAuthentication();
		System.out.println(JSON.toJSONString(authentication));
		log.info(JSON.toJSONString(authentication));
		if (authentication instanceof OAuth2Authentication){
			log.info("getOAuth2Request>>>>" + JSON.toJSONString(((OAuth2Authentication) authentication).getOAuth2Request()));
			log.info("getUserAuthentication>>>>" + JSON.toJSONString(((OAuth2Authentication) authentication).getUserAuthentication()));
		}
		return "resource: r4";
	}
}
 
